cve/CVE-2017-3735.md at 18943f3353ca1cc3fd2595afa412856465e29c78

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-12-30 04:49:42 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g.

POC

Reference

http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://www.tenable.com/security/tns-2017-14
https://www.tenable.com/security/tns-2017-15

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/Live-Hack-CVE/CVE-2017-3735
https://github.com/chnzzh/OpenSSL-CVE-lib
https://github.com/hrbrmstr/internetdb
https://github.com/tlsresearch/TSI

1.3 KiB Raw Blame History

CVE-2017-3735

Description

POC

Reference

Github

1.3 KiB

Raw Blame History